windows-defender-remover
by ionuttbara
A powerful tool to completely remove or disable Windows Defender and its associated security components on Windows 8.x, 10, and 11.
A tool which is uses to remove Windows Defender in Windows 8.x, Windows 10 (every version) and Windows 11.
Primary Use Case
This tool is designed for users or administrators who need to fully disable or remove Windows Defender and related security features for compatibility, performance, or testing purposes. It is particularly useful in environments where Windows Defender conflicts with other security solutions or custom configurations. The tool automates the removal process, ensuring all Defender components and related services are disabled or uninstalled.
- Removes/disables Windows Defender and Windows Security App
- Disables Windows Virtualization-Based Security (VBS) and Hypervisor startup
- Removes Windows SmartScreen and Tamper Protection
- Disables Windows Security Center services and telemetry
- Removes antivirus components including definition updates and scanning tasks
- Disables User Account Control (UAC) and File Virtualization (LUA)
- Removes Windows Security section from Settings App
- Supports automation via command-line arguments
Installation
- Download the packed script from the Releases page
- Run the .exe file as administrator
- Follow the on-screen instructions
- Alternatively, clone the repository using 'git clone https://github.com/ionuttbara/windows-defender-remover.git'
- Navigate to the cloned directory and run 'Script_Run.bat'
- Or download the source code zip from Releases, extract it, and run 'Script_Run.bat'
Usage
>_ Defender.Remover.exe /rRuns the removal process to disable and remove Windows Defender components
>_ Defender.Remover.exe /RAlternative syntax to run the removal process
>_ Script_Run.batRuns the main script to remove or disable Windows Defender when executed from the source or cloned repository
- Can be used by red teams to simulate advanced adversaries disabling endpoint defenses for stealthy operations.
- Useful in testing compatibility and conflicts between multiple endpoint security solutions in enterprise environments.
- Should be used with caution by blue teams as it disables critical protections, potentially exposing systems to real threats.
- Automation via CLI enables integration into larger attack simulation frameworks or deployment scripts.
- Ideal for purple team exercises focusing on detection and response to defense evasion techniques.
Docs Take 2 Hours. AI Takes 10 Seconds.
Ask anything about windows-defender-remover. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.
3 free chats per tool • Instant responses • No credit card
Related Tools
rustdesk
rustdesk/rustdesk
An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer.
osquery
osquery/osquery
SQL powered operating system instrumentation, monitoring, and analytics.
macOS-Security-and-Privacy-Guide
drduh/macOS-Security-and-Privacy-Guide
Community guide to securing and improving privacy on macOS.
How-To-Secure-A-Linux-Server
imthenachoman/How-To-Secure-A-Linux-Server
An evolving how-to guide for securing a Linux server.
Atlas
Atlas-OS/Atlas
🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.
fail2ban
fail2ban/fail2ban
Daemon to ban hosts that cause multiple authentication errors