swagkarna / defeat-defender-v1.2.0 Goto Github PK

Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC

License: GNU General Public License v3.0

Batchfile 45.88% AutoHotkey 25.24% Python 28.88%

bypass defender antivirus fud malware payload malware-dropper bypass-antivirus undetectable av-evasion

defeat-defender-v1.2.0's Introduction

Defeat-Defender-1.2

If you like the tool and for my personal motivation so as to develop other tools please leave a +1 star

Powerfull Batch File To Disable Windows Defender,Firewall,Smartscreen And Execute the payload

Usage :

Run run.bat and enter the direct link of your malware
Run the script "Defeat-Defender.bat" . It will ask for Admin Permission.If permission Granted The script will work Silently and dismantle all protection...

After it got admin permission it will disable defender

PUAProtection
Automatic Sample Submission
Windows FireWall
Windows Smart Screen(Permanently)
Disable Quickscan
Add exe file to exclusions in defender settings
Disable Defender Notification (Added Recently)
Disable UAC(Reboot Required)
Disable Ransomware Protection
Disable TaskManager
Disable registry etc..

Proof-Of-Concept

defeat-defender_W89Khs8L_TvOB.mp4

Bypasssing Windows-Defender Techniques :

Recently Windows Introduced new Feature called "Tamper Protection".Which Prevents the disable of real-time protection and modifying defender registry keys using powershell or cmd...If you need to disable real-time protection you need to do manually....But We will disable Real Time Protection using NSudo without trigerring Windows Defender

Running Defeat-Defender Script

Tested on Windows 11 Pro

After Reboot

Warning

This Script will completely Disable Windefend Services . And also it is very difficult to revert the changes..Think twice before you run the script

Behind The Scenes :

When Batch file is executed it ask for admin permissions.After getting admin privileage it starts to disable windows defender real time protectin , firewall , smartscreen and starts downloading our backdoor from server and it will placed in startup folder.The backdoor will be executed after it has downloaded from server..And will be started whenever system starts..

Check out this article :

https://secnhack.in/create-fud-fully-undetectable-payload-for-windows-10/

Note :

If you want to enable Defender Smart Screen.Use Smart Screen.bat file..

Discalimer :

Use this only for educational Purpose...Love you Guys Bye.....

Contact :

Inspired From TechChip

Special thanks to Jeffrey-d-howard(Senior Vulnerability Management Lead) For Posting Defeat-Defender on his linked page

❤️Supporters❤️

defeat-defender-v1.2.0's People

Contributors

Stargazers

Watchers

Forkers

on1-tech angeloped optionalg vdiyorbek witchfindertr wh014m cutff scam19992 f-society-freaks aaaddress1 rudinyu jr69ss an4kein ktm2590 freeide tomay3000 takianfif peachycloudsecurity livinglegend13 llenroc isiaon a7t0fwa7 the-invincible radioactivetobi mlynchcogent souldestroyer dannymas chaos-monkey-island h4xl0r k0uaz area39 crackercat h1d3r laowang1026 syslaowang gkfnf fadinglr 5l1v3r1 0x0000141 c0ns0le hartl3y94 jemysarin jermainlaforce papundutta jasonlou pafh99 himel-sarkar cur53onu tracy-shelby kerbgu lily110 y11en slickrickem ny0x696 fzxcp3 bigbrobro bvaudin tor-0 jilani-git amollambe25 azazelth ankit3k ruanjian668 phuong39 ndaman1 notchs2 reverse-ex papusingh2sms elephacking zha0 chronoss3 spectreprediction therealelyayo re-expoc davisshannon 8gm 467815891a bow789 flayme1050 yang-zhiyuan acc843739 f1r4s scriptidiot tai-rex solidssss codingman xstellacy x1a0zu1 realwuf pr0tect0 agelovito elikar-km j5s notabombe 1ndevelopment yanrising soiphon feilongluo gysf666 lorekin

defeat-defender-v1.2.0's Issues

The bat does not work

When copying the link, the bat is closed, if you do it manually, the bat writes an error and does not download the file

NSudo doesn't work

sc delete windefend - End of this :)

Hi,

NSudo -U:T -ShowWindowMode:Hide sc delete windefend
sc delete windefend - Defender started to pick it up(Detecting) from today and doesn't allow to run in CMD nor in powershell. IF you open Nsudo Visual interface and run command - all ok and defender will be turned off but from CMD no luck anymore... :-(

Question Read below

Hello currently im making a batch grabeer, since baums is patched and somali is obfuscator too..

i was wondering if i could use ths script with credits providen ofc.
if you do not accept it lmk, thanks.
also reason is simple, its FUD but why not to disable it also its cuz im lazy to write one..

Does not work Defender catches it immediately.

yayayayayayaay ;(

Not Working as Intended.

App Wont Disable Windows On Restart Nor Download the desired file. Tested on windows 11 Pro and Windows 10 pro Latest versions

Interesting project, would like to ask if we can use it.

Hi!

I saw that you have starred our advanced Discord Token Grabber called Rose-Injector.

We are currently looking for a good script that fully allows to disable or remove Windows Defender, because our current powershell script is not really good.

For these reasons, I would like to ask for your honest opinion on whether your program could be integrated into our project. If so, I'd like to ask if we can use your scripts.

Works but doesn't seem to work Allow permission denied I can't really turn off the antivirus, and it still doesn't turn off after restarting..

Works but doesn't seem to work Allow permission denied

I can't really turn off the antivirus, and it still doesn't turn off after restarting..

Very good repo.

Any suggestions how to make this file fud longer? Ofc people SHOULD NOT scan it with virustotal, etc.

Thanks for this repo, works great

script does not work if tamper protection is locked by sophos anti virus

Lots of red text (errors) when trying to run the script if tamper protection is locked by sophos anti virus. Following completion of the script tamper protection was still on.

Nsudo file modified

why Nsudo file provided in the script is modified?
the app is for 2018 and is modified in 2023 april

Not working

windows defender detected it

Can this be conversted to exe?

all in title ;)

Fix line: 73

Line 73 in file: Defeat-Defender.bat

should be changed to

cd "%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"

instead of

cd "%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup^M

when we give the batch file uac, does it run the malware with admin perms?

HackTool:BAT/DefeatDefend.C

It is getting detected... :'( how can i obsuficate the bat file? or protect it?? https://www.kleenscan.com/scan_result/0efd77d8b2283a63dca9d1b956ea55926d2fbc2cfe79755b46b865fb14e20092

my only issue is i cant give you money

how to tip my fine friend?

Ask - Tamper protection

This script goig to disabled "Tamper Protection" too?

Check out this article : https://secnhack.in/create-fud-fully-undetectable-payload-for-windows-10/ isss the arctile is for the verson v.1 BUT the v.2 verion has many diffrentt bat scrint & the above mention tutiolal doesnt works & it even confuses the beginerrrr like meeeeeeeee

Maybe I'm doing something wrong?

This script is no longet FUD

when i try to run "defeat_defender" defender detected this script and deleted it, kindly provide the solution