Defender is still on & Powershell profile not loading and other issues

[jessefmoore]

This is on Win11 Using Ludus version 1.5.0

TASK [PrymalInstynct.ludus_atomic_red_team : Disable Defender 1] *** fatal: [SP-win11-7]: FAILED! => {"changed": true, "debug": [], "error": [{"category_info": {"activity": "", "category": "ParserError", "category_id": 17, "reason": "ParentContainsErrorRecordException", "target_name": "", "target_type": ""}, "error_details": null, "exception": {"help_link": null, "hresult": -2146233087, "inner_exception": null, "message": "At line:1 char:1\r\n+ Add-MpPreference -ExclusionPath 'C:\'\r\n+ ~~~~~~~\nThis script contains malicious content and has been blocked by your antivirus software.", "source": null, "type": "System.Management.Automation.ParentContainsErrorRecordException"}, "fully_qualified_error_id": "ScriptContainedMaliciousContent", "output": "At line:1 char:1\r\n+ Add-MpPreference -ExclusionPath 'C:\'\r\n+ ~~~~~~~~~~~\r\nThis script contains malicious content and has been blocked by your antivirus software.\r\n + CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException\r\n + FullyQualifiedErrorId : ScriptContainedMaliciousContent\r\n \r\n", "pipeline_iteration_info": [], "script_stack_trace": "", "target_object": null}], "host_err": "", "host_out": "", "information": [], "output": [], "result": {}, "verbose": [], "warning": []}

Add this---> Add-MpPreference -ExclusionPath C:\AtomicRedTeam\

Powershell profile can not load due to scripts are not allowed to run. Need to add this---> Set-ExecutionPolicy Bypass -Force -ErrorAction Ignore

Also the Import-Module fails due to no Powershell-yaml Need to add this ---> Install-Module powershell-yaml -Force -ErrorAction Ignore

[PrymalInstynct]

Thanks for reporting, I haven't circled back to this role since I put it together and honestly won't have cycles to resolve the issues for a while. Feel free to submit a PR if you like and I can integrate it.