Comments (2)
Hello and thank you for letting me know. :)
I can reproduce the issue on my own machine. Funny enough though, only the ZIP file seems to trigger the alert. If I copy the extracted folder into a location that is monitored by Defender, nothing happens.
Anyway, with this project, I was expecting people to download only the final PrivescCheck.ps1
file, which is specially built (thanks to the Build.ps1
script) to partially evade AV and EDR.
So, in the end, I don't see what I can do more. I mean, most offensive security tools tend to be detected by AV and EDR so this kind of behavior is to be expected I guess. If people don't download it because they actually think it's a virus/trojan or whatever, I don't really care. The code is completely open source so they can make their own opinion about it without trusting my word if I say 'don't worry, it's safe'. ;)
from privesccheck.
Hello and thank you for letting me know. :)
I can reproduce the issue on my own machine. Funny enough though, only the ZIP file seems to trigger the alert. If I copy the extracted folder into a location that is monitored by Defender, nothing happens. Anyway, with this project, I was expecting people to download only the final
PrivescCheck.ps1
file, which is specially built (thanks to theBuild.ps1
script) to partially evade AV and EDR.So, in the end, I don't see what I can do more. I mean, most offensive security tools tend to be detected by AV and EDR so this kind of behavior is to be expected I guess. If people don't download it because they actually think it's a virus/trojan or whatever, I don't really care. The code is completely open source so they can make their own opinion about it without trusting my word if I say 'don't worry, it's safe'. ;)
Thanks for your fast answer. Yeah was totally my bad i thought we need to download all the Repository. For me you can now close this Issue, and thanks for your good explaination! Sorry about the missunderstand.
from privesccheck.
Related Issues (20)
- Get-ModifiablePath false positive result processing deny only SID HOT 9
- Helper script detected by AMSI when building HOT 1
- Wifi Airstrike Attack (CVE-2021-28316) already mitigated Apr 13, 2021 HOT 2
- Cannot find process with ID for UDP Endpoints HOT 2
- Specified cast is not valid HOT 9
- Windows 11 detected as Windows 10 HOT 3
- Scheduled Task: Binary Exploitation no detection HOT 2
- Empty WinLogon credentials HOT 1
- Check for vulnerable WPAD configuration? HOT 2
- Report Improvement Suggestion HOT 2
- [Improvement] Check for vulnerable drivers HOT 1
- SERVICES > Unquoted Path not work as expected HOT 3
- Credential Guard HOT 3
- [Feature Request] Readd Compliance Field HOT 4
- Getting erros when trying to run it HOT 2
- Get-HotFixList misses updates HOT 2
- LapsV2 is not being checked? HOT 3
- Check SMB signing required HOT 5
- Service binary permissions false positive HOT 1
- List ASR rules HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from privesccheck.