[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-1078":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":15,"stars7d":15,"stars30d":15,"stars90d":15,"forks30d":15,"starsTrendScore":15,"compositeScore":16,"rankGlobal":9,"rankLanguage":9,"license":17,"archived":18,"fork":18,"defaultBranch":19,"hasWiki":18,"hasPages":18,"topics":20,"createdAt":9,"pushedAt":9,"updatedAt":21,"readmeContent":22,"aiSummary":23,"trendingCount":15,"starSnapshotCount":15,"syncStatus":24,"lastSyncTime":25,"discoverSource":26},1078,"UnDefend","Nightmare-Eclipse\u002FUnDefend","Nightmare-Eclipse","Repository hosting windows defender DOS tool",null,"C++",373,131,7,1,0,6.36,"MIT License",false,"main",[],"2026-06-12 02:00:22","# UnDefend\nRepository hosting windows defender DOS tool\n\nThis tool does not need administrative privileges and can works as a standard user.\n\nIt runs in two modes, passive and aggressive,\n\nIn Passive mode, the PoC blocks all signature updates, causing defender to be unable to detect any new threats so if anything new is pushed by Microsoft, it is immediately blocked.\n\n![BottomText](UpdateError.png)\n\nIn Aggressive mode, the PoC aims to completely disable but it only works if Microsoft pushes a major platform update (update of MsMpEng.exe and other binaries), this update isn't pushed occasionally like signature updates so the PoC runs in passive mode by default. However, if you expect a major platform update, set the PoC to run in aggressive mode and it will cause windows defender to stop responding. It will be completely disabled and you can run whatever you want without having defender interfer in your business.\n\n![BottomText](EngineUnavailable.png)\n\nNow funnily enough, I found a way to lie to the EDR web console to show that defender is up and running with the latest update even if it's not. I was thinking about publishing the code but after thinking about it, it will cause waaay too much damage so I think I'll keep that stuff stashed for now. \n","UnDefend 是一个针对 Windows Defender 设计的拒绝服务工具。该工具使用 C++ 编写，无需管理员权限即可运行，并提供被动和主动两种模式。在被动模式下，它会阻止所有签名更新，使得 Defender 无法检测到新的威胁；而在主动模式下，当 Microsoft 推送重大平台更新时，该工具能够完全禁用 Defender，从而允许用户无干扰地运行任何程序。此项目适用于需要临时关闭或规避 Windows Defender 的测试环境或特定安全研究场景。请注意，此类工具可能涉及法律风险及安全隐患，在使用前请确保了解相关法律法规。",2,"2026-05-06 17:30:10","CREATED_QUERY"]