# windows

## Disable Microsoft Defender Antivirus:

In Windows versions 1909 and higher, Tamper Protection was added. **Tamper Protection must be disabled, otherwise Group Policy settings are ignored.**

1. Open Windows Security (type `Windows Security` in the search box)
2. Virus & threat protection > Virus & threat protection settings > Manage settings
3. Switch `Tamper Protection` to `Off`

> It is not necessary to change any other setting (`Real Time Protection`, etc.)

> **Important.** Tamper Protection must be disabled before changing Group Policy settings.

To permanently disable Real Time Protection

1. Open Local Group Policy Editor (type `gpedit` in the search box)
2. Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus > Real-time Protection
3. Enable `Turn off real-time protection`
4. **Reboot**

> Make sure to **reboot** before making the next change

To permanently disable Microsoft Defender:

1. Open Local Group Policy Editor (type `gpedit` in the search box)
2. Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus
3. Enable `Turn off Microsoft Defender Antivirus`
4. **Reboot**

## Comando VM

Welcome to CommandoVM - a fully customizable, Windows-based security distribution for penetration testing and red teaming.

{% embed url="<https://github.com/mandiant/commando-vm>" %}