This C# program finds Windows Defender folder exclusions using Windows Defender through its command-line tool (MpCmdRun.exe
).
The program processes directories recursively, with configurable depth and thread usage, and outputs information about exclusions and scan progress.
The program allows you to:
program.exe <BasePath> [options]
--max-threads N
: Set the maximum number of threads to use for scanning. Default is 3.--depth N
: Specify the maximum directory depth to scan. Depth 1 means only immediate subdirectories.--output <filePath>
: Specify a file path to log exclusions and errors.-h
, --help
: Display help and usage information.program.exe "C:\MyDirectory" --max-threads 5 --depth 3 --output scan_log.txt
This will scan C:\MyDirectory
up to a depth of 3 subdirectories, using 5 threads, and log any exclusions or errors to scan_log.txt
.
A blog explaining the technique utilised can be viewed here
Processed 2000 directories. Time elapsed: 23.78 seconds.
[+] Folder C:\users\user\Example is excluded
Processed 2500 directories. Time elapsed: 30.77 seconds.
C:\Program Files\Windows Defender\MpCmdRun.exe
.SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…
The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…
The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…
The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…
AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…
Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to…