This C# program finds Windows Defender folder exclusions using Windows Defender through its command-line tool (MpCmdRun.exe
).
The program processes directories recursively, with configurable depth and thread usage, and outputs information about exclusions and scan progress.
The program allows you to:
program.exe <BasePath> [options]
--max-threads N
: Set the maximum number of threads to use for scanning. Default is 3.--depth N
: Specify the maximum directory depth to scan. Depth 1 means only immediate subdirectories.--output <filePath>
: Specify a file path to log exclusions and errors.-h
, --help
: Display help and usage information.program.exe "C:\MyDirectory" --max-threads 5 --depth 3 --output scan_log.txt
This will scan C:\MyDirectory
up to a depth of 3 subdirectories, using 5 threads, and log any exclusions or errors to scan_log.txt
.
A blog explaining the technique utilised can be viewed here
Processed 2000 directories. Time elapsed: 23.78 seconds.
[+] Folder C:\users\user\Example is excluded
Processed 2500 directories. Time elapsed: 30.77 seconds.
C:\Program Files\Windows Defender\MpCmdRun.exe
.Introduction As cyber threats grow more sophisticated, organizations need more than just firewalls and antivirus…
Introduction When it comes to cybersecurity and ethical hacking, one of the most effective ways…
Introduction In the world of cybersecurity, knowledge is power. One of the most powerful skillsets…
Introduction In the vast ocean of the internet, the most powerful tool you already have…
Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…