# aptortellini/undefender

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/aptortellini-undefender).**

0 stars · 0 forks

## Links

- GitHub: https://github.com/APTortellini/unDefender
- awesome-repositories: https://awesome-repositories.com/repository/aptortellini-undefender.md

## Description

unDefender is the C++ implementation of a technique originally described by @jonasLyk in this Twitter thread. At its core, this technique revolves around changing the \Device\BootDevice symbolic link in the Windows Object Manager so that when Defender's WdFilter driver is unloaded and loaded…

## Tags

### Part of an Awesome List

- [Defense Evasion](https://awesome-repositories.com/f/awesome-lists/security/defense-evasion.md) — Disables antimalware using symbolic link abuse.