This C# program finds Windows Defender folder exclusions using Windows Defender through its command-line tool (MpCmdRun.exe
).
The program processes directories recursively, with configurable depth and thread usage, and outputs information about exclusions and scan progress.
The program allows you to:
program.exe <BasePath> [options]
--max-threads N
: Set the maximum number of threads to use for scanning. Default is 3.--depth N
: Specify the maximum directory depth to scan. Depth 1 means only immediate subdirectories.--output <filePath>
: Specify a file path to log exclusions and errors.-h
, --help
: Display help and usage information.program.exe "C:\MyDirectory" --max-threads 5 --depth 3 --output scan_log.txt
This will scan C:\MyDirectory
up to a depth of 3 subdirectories, using 5 threads, and log any exclusions or errors to scan_log.txt
.
A blog explaining the technique utilised can be viewed here
Processed 2000 directories. Time elapsed: 23.78 seconds.
[+] Folder C:\users\user\Example is excluded
Processed 2500 directories. Time elapsed: 30.77 seconds.
C:\Program Files\Windows Defender\MpCmdRun.exe
.Argus is an all-in-one, Python-powered toolkit designed to streamline the process of information gathering and…
A specialized tool designed for user enumeration on the Slack platform. This powerful utility aids…
This repository will be used to add documents, pictures, etc on LEA efforts; Indictments, Seizure…
A cheat sheet for pentesters and researchers about deserialization vulnerabilities in various Java (JVM) serialization…
Short: a Red Team's SIEM. Longer: a Red Team's SIEM that serves two main goals:…
C# port of ZeroMemoryEx's Terminator, so all hail goes to him. Usage You can download…