search

peass-ng / PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
https://book.hacktricks.xyz
Other
15.73k stars 3.05k forks source link

Update documentation: winPEAS.exe requires for obfuscation also an exception in Defender / AV #258

Closed new-gen23 closed 2 years ago

new-gen23 commented 2 years ago

Suggestion: Update Documentation to include exception folders in Defender.

If the obfuscation with Dotfuscator is necessary (often the case in legal security assessments), it is recommended to create a folder in Windows Defender that is excluded from scanning. This is required for the compilation in Visual Studio. However, it is also necessary for the obfuscation. One has to keep in mind that both, Visual Studio and Dotfuscator, require the input + temporary files + output within this exception folder. Otherwise, obfuscation will fail during compilation, as Defender will flag the temporary files in stub-pdb.

Is there any AV / Threat protection in the system?

Windows Defender

Please, indicate the OS, the OS version, and the kernel version (build number in case of Windows)

Windows 10

Please, indicate the check that is failing and add a screenshot showing the problem

image

carlospolop commented 2 years ago

Hi @new-gen23! Please, could you share also the instructions to create the exception for defender so I can update the documentation?

carlospolop commented 2 years ago

I just added your image to the readme to indicate that. Thanks!